Shawn: We have experienced this before and we could not come up with a solid solution and we too did not want to write the cart contents to the database. Instead, we serialized the session into a WDDX structure and then passed it via a hidden form post to our other SSL server. Deserialized the WDDX form element and place it back into a session variable structure and we were set to go. This was something we did back in 4.5/5 days. Since SSL certs are so cheap now, we pretty much make our clients purchase one instead of having to go through this hassle.
Best of luck, -JSLucido -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of andreux Sent: Tuesday, April 05, 2005 12:31 PM To: [email protected] Subject: Session Variables across multiple domains (SSL) Howdy all, I have developed a basic shopping cart which, for speed issues (to avoid reads from the db), keeps the shopping cart information (items in cart, etc) within Session variables under the site's main domain. (Let's say www.xyz.com) When the shopper goes to check out, the client wants the checkout form where they enter their credit card info to be secured by SSL. Because you have to map SSL certificates by ip/port rather than hostname/ip/port like non-secure sites, the solution which we've come up with is to have the user hop onto our main SSL cert for the checkout page (using a virtual directory for the secure website) so that the checkout form's address is something like: https://www.securesite.com/xyz. The obvious problem is that I need the Session structure to carry over to the secure page for use. Obvious workarounds include writing the shopping cart to the database, but that eliminates the advantage of storing the info in Session variables. Has anyone experienced this kind of scenario, and if so, what problems/workarounds have you come up with to "share" Session variable information across multiple domains? Any insight, allegories, or suggestions would be most appreciated. There is a time crunch on this project and I need a workaround relatively soon. Thanks in advance, Andrew Matthews __________________________________ Do you Yahoo!? Yahoo! Personals - Better first dates. More second dates. http://personals.yahoo.com ---------------------------------------------------------- To post, send email to [email protected] To unsubscribe: http://www.dfwcfug.org/form_MemberUnsubscribe.cfm To subscribe: http://www.dfwcfug.org/form_MemberRegistration.cfm ---------------------------------------------------------- To post, send email to [email protected] To unsubscribe: http://www.dfwcfug.org/form_MemberUnsubscribe.cfm To subscribe: http://www.dfwcfug.org/form_MemberRegistration.cfm
